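/**
 * Route-guard middleware factory for Express-style handlers.
 *
 * The returned middleware responds 401 when `req.user` is absent, 403 when a
 * role is required and the user does not hold it, and otherwise calls `next()`.
 *
 * Security notes:
 * - The guard trusts `req.user` as-is and never sets it, so it must be mounted
 *   after whatever authenticates the request and populates `req.user`.
 * - A falsy `requiredRole` skips the role check, so any authenticated user
 *   passes. A role constant that evaluates to `undefined` at the call site
 *   therefore yields an authentication-only route.
 * - `req.user.roles` must be an array. Any other shape fails closed with 403.
 *
 * @param {string} [requiredRole] - Role the user must hold; omit to require
 *   authentication only.
 * @returns {(req: object, res: object, next: Function) => *} The middleware.
 */
const checkPermission = (requiredRole) => {
  return (req, res, next) => {
    if (!req.user) {
      return res.status(401).json({ error: 'Unauthorized: No user authenticated' });
    }

    if (requiredRole) {
      const { roles } = req.user;
      // Array.isArray matters for two reasons: a missing `roles` would throw
      // (a 500 instead of a clean denial), and a string `roles` would go
      // through String.prototype.includes, which matches substrings, so
      // 'superadmin' would satisfy a check for 'admin'.
      const hasRole = Array.isArray(roles) && roles.includes(requiredRole);
      if (!hasRole) {
        return res.status(403).json({ error: 'Forbidden: Insufficient permissions' });
      }
    }

    next();
  };
};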

// Public API of this module: the route-guard middleware factory.
module.exports = {
  checkPermission: checkPermission,
};